PERSPECTIVES SESSION 12 Christian Community Development Graham & Eileen Hodgetts
Redefining Perspectives edition 12 and 13 session 2
-
Upload
sapientindia -
Category
Technology
-
view
54 -
download
3
description
Transcript of Redefining Perspectives edition 12 and 13 session 2
![Page 1: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/1.jpg)
Redefining Perspectives A thought leadership forum for technologists interested in defining a new future
![Page 2: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/2.jpg)
Session 2
Lessons from Real Life Cloud Computing
Implementations
![Page 3: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/3.jpg)
Vibhor Mathur Senior Specialist – Technology
Sapient Global Markets (India)
Vibhor has more than 14 years of experience in designing
and developing complex business critical applications
primarily using C++ / VC++ technologies
He has a strong hold on the Trading and Risk Management
domain, specifically in the areas of trade life cycle
management and handling of OTC (Over the Counter)
trades
![Page 4: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/4.jpg)
Shivam Kumar Specialist – Technology
Sapient Global Markets (India)
Shivam has over 9 years of experience in software design
and development. He specializes in performance and
scalability of applications
He has developed various systems using platform and
technologies like compute grids, Hadoop and Cloud
Computing to achieve scalability. He has co-authored in-
house compute grids and elastic servers
![Page 5: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/5.jpg)
CLOUD COMPUTING:
LESSONS FROM REAL LIFE IMPLEMENTATIONS Vibhor Mathur and Shivam Kumar
May 2014
![Page 6: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/6.jpg)
What We’ll Cover
Share a perspective on the challenges faced and lessons learnt from real life experiences of
working on cloud based implementations
Porting a complex app from on-premise to cloud
1
Integrating a cloud application with on-premise infrastructure
2
© COPYRIGHT 2014 SAPIENT CORPORATION
![Page 7: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/7.jpg)
Porting a Complex Application from
On-premise to Cloud
![Page 8: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/8.jpg)
We’ll Focus on…
• Solution Layout
• Security
• Performance
• Platform Availability
• Operations
![Page 9: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/9.jpg)
CMRS | Application Context
9
TRADING FIRM
TRADING
SYSTEM 1
TRADING
SYSTEM 2
TRADING
SYSTEM 3
TRADING
REPOSITORY (e.g. DTCC)
CMRS (Sapient)
© COPYRIGHT 2014 SAPIENT CORPORATION
![Page 10: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/10.jpg)
CMRS | Deployment on Cloud
© COPYRIGHT 2014 SAPIENT CORPORATION
![Page 11: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/11.jpg)
• Hardware Based
Limitations – e.g.
use of MQ
Porting from On-premise to Cloud (1/2)
MQ SERVER 1
MQ SERVER 2
MQ RECEIVER
CMRS ON PREMISE TRADING REPOSITORY
DEDICATED NETWORK
Interfacing with external entities needs to be thought through across the following dimensions:
© COPYRIGHT 2014 SAPIENT CORPORATION
![Page 12: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/12.jpg)
TRADING REPOSITORY
Porting from On-premise to Cloud (1/2)
SFTP SERVER 1
SFTP SERVER 2
SFTP RECEIVER
CMRS ON CLOUD
Cloud Service
Interfacing with external entities needs to be thought through across the following dimensions:
© COPYRIGHT 2014 SAPIENT CORPORATION
• Hardware Based
Limitations – e.g.
use of MQ
INTERNET
![Page 13: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/13.jpg)
TRADING REPOSITORY
Porting from On-premise to Cloud (1/2)
SFTP SERVER 1
SFTP SERVER 2
SFTP RECEIVER
CMRS ON CLOUD
Cloud Service
Interfacing with external entities needs to be thought through across the following dimensions:
© COPYRIGHT 2014 SAPIENT CORPORATION
INTERNET
• Hardware Based
Limitations – e.g.
use of MQ
• Static IP Address
Limitation
PU
BLI
C
PR
IVA
TE
![Page 14: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/14.jpg)
Porting from On-premise to Cloud (2/2)
Partner with the cloud platform vendor to establish the architecture
• Deployment Design – e.g. use of availability sets
• Security – e.g. use of access control lists
• Software license usage – e.g. optimizing the use of BizTalk
licenses
© COPYRIGHT 2014 SAPIENT CORPORATION
![Page 15: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/15.jpg)
Security in Cloud
15
Data in Transit
• Transmission over sFTP
Data at Rest
• Data Encryption
• Disable Copy over RDP
Environment
• Access Control Lists (ACLs)
• Site to Site VPN Tunnel
• Penetration Testing
• Intrusion Detection
Governance
• Processes
• Audits
© COPYRIGHT 2014 SAPIENT CORPORATION
![Page 16: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/16.jpg)
Plan for Performance Related Changes
0
5
10
15
20
25
30
35
40
45
1 2 3 4 5 6 7 8 9 10
Thro
ugh
pu
t (m
sgs/
sec)
Iterations
On Cloud On Premise
• Performance of the application cannot be assumed to be same as on premise
• Key physical characteristics of the cloud platform
• IOPS of the system drive – e.g. system
drives are read optimized by default
• Potential deployment re-engineering
• Distribution of key database files
across disks
© COPYRIGHT 2014 SAPIENT CORPORATION
![Page 17: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/17.jpg)
Platform (Un)Availability – Assume Things will go Wrong
Event Possible Mitigation
Scheduled Outages
Processes / Standard Operating Procedures
Unscheduled Outages
Processes + Deployment Design
Human Error Processes + Governance
© COPYRIGHT 2014 SAPIENT CORPORATION
![Page 18: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/18.jpg)
• Infrastructure Management
• Patching, anti-virus updates
• Monitoring
• Service Level Agreements
• Understanding the SLAs of all the players including the cloud platform provider
• SLAs we offer has a significant impact on the cost e.g – 24x7 vs 16x5 support model
• Costs
• Infrastructure cost – architecture choices has a major impact
• Supporting the platform – people cost could be substantially higher
Operating a Cloud Based SaaS Platform
© COPYRIGHT 2014 SAPIENT CORPORATION
![Page 19: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/19.jpg)
Integrating a Cloud App with On-premise
Infrastructure
![Page 20: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/20.jpg)
We’ll Focus on…
• Introduction to Risk Calculator
• Motivators for Moving to Cloud
• Application Topology
• Demo – Key Features
• Auto Scaling
• Integration with Enterprises Services
We’ll focus on…
© COPYRIGHT 2014 SAPIENT CORPORATION
![Page 21: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/21.jpg)
• Risk Calculator finds out risk scores of
Mortgage Backed Securities (MBS)
• Large number of MBS securities.
• Characteristics
• Highly CPU intensive process
• Irregular usage pattern
Introduction to Risk Calculator
Portfolio Manager
Risk Calculator Client
Logging
Service
Application Monitor
Application Support Team Server
Server Server
Server
© COPYRIGHT 2014 SAPIENT CORPORATION
![Page 22: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/22.jpg)
Why move Risk Calculator to Cloud
• Scale-on-Demand: Cloud allows risk calculator to add computing power when
needed
• No Initial Investment: on procuring infrastructure that is not fully utilized
• Reduced Maintenance Overheads: maintenance for components unsupported by
the enterprise can be outsourced to the cloud
© COPYRIGHT 2014 SAPIENT CORPORATION
![Page 23: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/23.jpg)
Application Topology on Cloud
EC2
Server Server
Server Server
Risk Calculator
Client
Request Queue (SQS)
Response Queue (SQS)
ENTERPRISE
Elastic Cache
Simple Storage Service (S3)
© COPYRIGHT 2014 SAPIENT CORPORATION
![Page 24: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/24.jpg)
ENTERPRISE
EC2
Server Server
Server Server
Risk Calculator Client
Request Queue (SQS)
Response Queue (SQS)
Elastic Cache
Simple Storage Service (S3)
Auto Scaler
Server Server
Auto Scaling
© COPYRIGHT 2014 SAPIENT CORPORATION
![Page 25: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/25.jpg)
Enterprise Integration
EC2
Server Server
Server Server
Risk Calculator Client
Request Queue (SQS)
Response Queue (SQS)
ENTERPRISE
Elastic Cache
Simple Storage Service (S3)
Auto Scaler
Server Server
Logging Service
Application Monitor
Reverse Tunnel Apache HTTPD Reverse Proxy
© COPYRIGHT 2014 SAPIENT CORPORATION
![Page 26: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/26.jpg)
ENTERPRISE
Credentials Management
Credentials Store
Credential Service
Risk Calculator Auto Scaler
Enterprise Authentication Server
Identity and Access Management (IAM)
© COPYRIGHT 2014 SAPIENT CORPORATION
![Page 27: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/27.jpg)
Lessons Learnt
27
![Page 28: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/28.jpg)
Lessons Learnt
1. Porting an On-premise Application to Cloud
• Design the solution considering cloud constraints e.g. dependency on hardware
• Running a SaaS platform is a different ball game e.g. Cost Management, SLA
Management
• Cost is not a differentiator - go with a vendor who is willing to partner
© COPYRIGHT 2014 SAPIENT CORPORATION
![Page 29: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/29.jpg)
Lessons Learnt
2. Integrating an Application on Cloud with On-premise Infrastructure
• Use hybrid cloud model where the need for compute power is extremely variable
• Integrating with enterprise services will be needed – design for it upfront
• Integrating from cloud into the enterprise is not trivial e.g. security perception
© COPYRIGHT 2014 SAPIENT CORPORATION
![Page 30: Redefining Perspectives edition 12 and 13 session 2](https://reader033.fdocuments.us/reader033/viewer/2022051611/54b6d63c4a7959ec3a8b4673/html5/thumbnails/30.jpg)
Thank You